No warrant, no problem: How the government can still get your digital data

And you may never find out about it.

The US government isn’t allowed to wiretap American citizens without a warrant from a judge. But there are plenty of legal ways for law enforcement, from the local sheriff to the FBI, to snoop on the digital trails you create every day. Authorities can often obtain your e-mails and texts by going to Google or AT&T with a simple subpoena. Usually you won’t even be notified. The Senate last week took a step toward updating privacy protection for emails, but it's likely the issue will be kicked to the next Congress. In the meantime, here’s how police can track you without a warrant now:

What the law says: Police can get phone records without a warrant thanks to Smith v. Maryland, a Supreme Court ruling in 1979, which found that the Constitution's Fourth Amendment protection against unreasonable search and seizure doesn't apply to a list of phone numbers. TheNew York Timesreported last week that the New York's police department "has quietly amassed a trove" of call records by routinely issuing subpoenas for them from phones that had been reported stolen. According to TheTimes, the records "could conceivably be used for any investigative purpose."

Location data: Your phone is a tracker

How they get it: Many cell phone carriers provide authorities with a phone's location and may charge a fee for doing so. Cell towers track where your phone is at any moment, and so can the GPS features in some smartphones. The major cell carriers, including Verizon and AT&T, responded to at least 1.3 million law enforcement requests for cell phone locations, text messages and other data in 2011. Internet service providers can also provide location data that tracks users via their computer's IP address—a unique number assigned to each computer.

What the law says: Many courts have ruled that police don't need a warrant from a judge to get cell phone location data. They only have to show that, under the federal Electronic Communications Privacy Act (EPCA), the data contains "specific and articulable facts" related to an investigation—again, a lesser standard than probable cause. Delaware, Maryland and Oklahoma have proposed laws that would require police to obtain a warrant for location data; Gov. Jerry Brown of California, a Democrat, vetoed a similar bill in September. Last week, the Senate Judiciary Committee approved a bill championed by Sen. Patrick Leahy (D-VT), to update the ECPA, but it would not change how location data is treated.

IP addresses: What computers you used

How they get it: Google, Yahoo, Microsoft and other webmail providers accumulate massive amounts of data about our digital wanderings. A warrant is needed for access to some e-mails (see below), but not for the IP addresses of the computers used to log into your mail account or surf the Web. According to the American Civil Liberties Union, those records are kept for at least a year.

What the law says: Police can thank US v. Forrester, a case involving two men trying to set up a drug lab in California, for the ease of access. In the 2007 case, the government successfully argued that tracking IP addresses was no different from installing a device to track every telephone number dialed by a given phone (which is legal). Police only need a court to sign off on a subpoena certifying that the data they're after is relevant to an investigation—the same standard as for cell phone records.

E-mails: Messages you sent months ago

How they get it: There's a double standard when it comes to e-mail, one of the most requested types of data. A warrant is needed to get recent e-mails, but law enforcement can obtain older ones with only a subpoena. Google says it received 7,969 requests for data—including e-mails sent through its Gmail service—from US law enforcement in the first half of 2012 alone. Other e-mail providers have not made similar statistics available.

What the law says: This is another area where the ECPA comes into play. The law gives greater protection to recent messages than older ones, using a 180-day cutoff. Only a subpoena is required for e-mails older than that; otherwise, a warrant is necessary. The Leahy bill would require a warrant to get all e-mails regardless of age.

E-mail drafts: Drafts are different

How they get it: Communicating through draft e-mails, à la David Petreaus and Paula Broadwell, seems sneaky. But drafts are actually easier for investigators to get than recently sent e-mails because the law treats them differently.

What the law says: The ECPA distinguishes between communications—e-mails, texts, etc.—and stored electronic data. Draft e-mails fall into the latter, which get less protection under the law. Authorities need only a subpoena for them. The Leahy bill would change that by requiring a warrant to obtain them.

Text messages: As with e-mails, so with texts

How they get it: Investigators need only a subpoena, not a warrant, to get text messages more than 180 days old from a cell provider—the same standard as e-mails. Many carriers charge authorities a fee to provide texts and other information. For texts, Sprint charges $30, for example, while Verizon charges $50.

What the law says: The ECPA also applies to text messages, according to Hanni Fakhoury, a lawyer with the Electronic Frontier Foundation, which is why the rules are similar to those governing e-mails. But the ECPA doesn't apply when it comes to actually reading texts on someone's phone rather than getting them from a carrier. State courts have split on the issue. Ohio's Supreme Court has ruled that police need a warrant to view the contents of cell phones of people who've been arrested, including texts. But the California Supreme Court has said no warrant is needed. The US Supreme Court in 2010 declined to clear up the matter.

Cloud data: Documents, photos, and other stuff stored online

How they get it: Authorities typically need only a subpoena to get data from Google Drive, Dropbox, SkyDrive, and other services that allow users to store data on their servers, or "in the cloud," as it's known.

What the law says: The law treats cloud data the same as draft e-mails—authorities don't need a warrant to get it. But files that you've shared with others—say, a collaboration using Google Docs—might require a warrant under the ECPA if it's considered "communication" rather than stored data. "That's a very hard rule to apply," says Greg Nojeim, a senior counsel with the Center for Democracy and Technology. "It actually makes no sense for the way we communicate today."

Social media: The new privacy frontier

How they get it: When it comes to sites like Facebook, Twitter and LinkedIn, the social networks' privacy policies dictate how cooperative they are in handing over users' data. Facebook says it requires a warrant from a judge to disclose a user's "messages, photos, videos, wall posts, and location information." But it will supply basic information, such as a user's e-mail address or the IP addresses of the computers from which someone recently accessed an account, under a subpoena. Twitter reported in July that it had received 679 requests for user information from US authorities during the first six months of 2012. Twitter says that "non-public information about Twitter users is not released except as lawfully required by appropriate legal process such as a subpoena, court order, or other valid legal process."

What the law says: Courts haven't issued a definitive ruling on social media. In September, a Manhattan Criminal Court judge upheld a prosecutor's subpoena for information from Twitter about an Occupy Wall Street protester arrested on the Brooklyn Bridge in 2011. It was the first time a judge had allowed prosecutors to use a subpoena to get information from Twitter rather than forcing them to get a warrant; the case is ongoing.

Promoted Comments

When Ars run on this topic before, I had mentioned that I think it's would be helpful to mention the rules on postal mails to give people better context information. And that the phone number lists/other traffic analysis information are merely logical extension of long-standing rules on "mail cover."

Keep in mind that although you have privacy in the contents of your mail and packages, you don’t have any privacy in the "to" and "from" addresses printed on them. That means the police can ask the post office to report the name and address of every person you send mail to or receive mail from — this is called a "mail cover" — without getting a warrant. Mail covers are a low-tech form of "traffic analysis," which we’ll discuss in the section dealing with electronic surveillance.

You don’t have any privacy in what you write on a postcard, either. By not putting your correspondence in an envelope, you’ve knowingly exposed it, and the government can read it without a warrant.

52 Reader Comments

Expect the problem to get worse. People today are far more concerned with convenience than privacy. The fact that Facebook still has _any_ users is an indication that people don't really care about their privacy; it isn't on most peoples' minds.

If you care about privacy, keep as much info local as possible. It's inconvenient to run your own email server but if you control the computers that store your drafts, there's nothing to subpoena. The cops would have to get a warrant to gain access to the box.

There's a double standard when it comes to e-mail, one of the most requested types of data. A warrant is needed to get recent e-mails, but law enforcement can obtain older ones with only a subpoena.... This is another area where the ECPA comes into play. The law gives greater protection to recent messages than older ones, using a 180-day cutoff.

I don't believe this is true in the Sixth Circuit:

Quote:

"Given the fundamental similarities between e-mail and traditional forms of communication, it would defy common sense to afford e-mails lesser Fourth Amendment protection," wrote the court.

"It follows that e-mail requires strong protection under the Fourth Amendment; otherwise the Fourth Amendment would prove an ineffective guardian of private communication, an essential purpose it has long been recognized to serve," wrote the court. "[T]he ISP is the functional equivalent of a post office or a telephone company. As we have discussed above, the police may not storm the post office and intercept a letter, and they are likewise forbidden from using the phone system to make a clandestine recording of a telephone call—unless they get a warrant, that is."

Both men argued that one of the primary reasons for [Leahy's] new bill’s passage would be to provide clarity between current case law and investigatory practice. In 2010, the Sixth Circuit Court of Appeals ruled that the Fourth Amendement protecting unreasonable searches and seizures also protects e-mail, even if it’s over 180 days old.

Because online e-mail providers (like Google’s Gmail, for instance) can’t know if their customers fall under the Sixth Circuit jurisdiction, many have taken to requiring a warrant from law enforcement when they may not need to.

With these draconian laws, the US government effectively has powers that many users would only likely associated with a country such as China or Iran. The fact that American police and the FBI doesn't appear to be abuse the existing laws is not an excuse for rendering these laws acceptable. In the social media age, one's digital life is probably the most insightful and potentially invasive form of government spying. In particular, laws that don't seem to properly reflect America's idea of proper judicial oversight:1) Emails and texts - the 180 day rule. I have a hard time believing that mail and texts that are older than 180 days old only require a subpoena. We live in the age of Gmail and Outlook mail, where nobody deletes anything anymore. I am sure that everyone, to some extent or another, has activities online that fall into legally problematic areas without them ever realizing it. ANY personal communication should require a full court order, if only to ensure that the data collected from a given investigation points to a single case.2) Anything that involves location data with only a sub-poena. This includes, apparently, social media such as Twitter (where location data is common). And, of course, cell phones.

These laws, in my mind, aren't consistent with "freedom" and the belief that every person is innocent until proven guilty, and that police have to have reasonable cause (vetted by a judge) to carry out a full investigation of personal information.

I stopped running my own email server long ago when services stopped accepting traffic from servers without a fixed IP address. Yeah, like that really stops spam etc.

Static IPs are cheap. You can get a decent enough VPS for email for $10 or so a month. Or, around here at least, business-class cable or DSL internet runs about $20 a month more than consumer, they don't seem to care if you're actually a business, there are no bandwidth caps, and 3 or 5 (hello, duopoly!) static IPs.

With the VPS, you could rather easily split it several ways. My current web host is Linode, at $20 a month. If I could get 3 other buddies to split it with me, $50 a year would get us email from static IPs. Pay $10 or so a year (I don't remember) for your own vanity domain, and you're good.

snowsnoot wrote:

Locations are used during 911 calls.. Not a bad thing IMO

Not at all, but in that instance you're de facto agreeing to allow it, since you called 911 in the first place.

I would like to see the law simplified such that PII--be it on paper, over a wire or fiber, or over the air--is all treated the same. You have to get a subpoena for it, and if you don't want the subject of the subpoena notified it's a separate proceeding.

Well I can imagine that if a law was crafted to require a warrant for getting cell phone GPS information that emergency calls and calls to the police would be an exception. There was an interesting TED talk where one man got all of his cell GPS information and it plotted out his every location. I think I'd prefer the government not know every place I've visited in the last three weeks with such easy access to the data. While I know that privacy isn't high on the average person's list, I feel they'll only realize their folly once they have that information used against them.

Two things. How easy is it for an individual to get the data collected on them? Two those pay services that say they can get other people's records for you. The legality of those, and how much information can they get a hold of?

When Ars run on this topic before, I had mentioned that I think it's would be helpful to mention the rules on postal mails to give people better context information. And that the phone number lists/other traffic analysis information are merely logical extension of long-standing rules on "mail cover."

Keep in mind that although you have privacy in the contents of your mail and packages, you don’t have any privacy in the "to" and "from" addresses printed on them. That means the police can ask the post office to report the name and address of every person you send mail to or receive mail from — this is called a "mail cover" — without getting a warrant. Mail covers are a low-tech form of "traffic analysis," which we’ll discuss in the section dealing with electronic surveillance.

You don’t have any privacy in what you write on a postcard, either. By not putting your correspondence in an envelope, you’ve knowingly exposed it, and the government can read it without a warrant.

Location discovery is automatically turned on when you call 911, even if you had GPS and Bluetooth and WiFi and location services turned off. This helps the cell network route the call to the closest first responder. Otherwise, your phone should be working for you, obscuring your location unless you explicitly allow your location to be shared.

With these draconian laws, the US government effectively has powers that many users would only likely associated with a country such as China or Iran...These laws, in my mind, aren't consistent with "freedom" and the belief that every person is innocent until proven guilty, and that police have to have reasonable cause (vetted by a judge) to carry out a full investigation of personal information.

Bless. In reality the security services and serious crime squads in every country on earth from Switzerland to Swaziland do all this and way more in pursuit of serious criminal or terrorist activity and always have done, whatever the technology of the time has been. Even the Patriot Act merely formalises and publicises what everyone has always done, indeed long standing bilateral security protocols are usually invoked between western allies and the USA rather than that Act itself in most cases. The big boys don't care what you're torrenting or what porn you've downloaded (with one obvious example) but if you're planning to knock over a bank or an airliner they're going to be listening in (if they're actually doing their jobs), just as if you were plotting by phone, postcard or semaphore, regardless of the fine print in whatever privacy legislation.

There's a lot of guff about "police states" and "1984" in these discussions from people who've never lived in the former or read the latter. In reality a state uses such powers either to protect the population or oppress it depending on the nature of the state in question, but having and on occasion using such powers is common to all. This does not in anyway make the FBI the Stasi, outside the fevered imaginations of people whose self importance is outweighed only by their pirate bay film collection and irrelevance to the powers that be.

This is why my cloud backups are encrypted before they are sent to the cloud. Eventually, I will be pulling as much as I can back in-house, till the laws get clarified.

This brings up an excellent question: What can the government do about encrypted texts, e-mails, cloud storage and the like — does that actually make your stuff more secure from the government's prying eyes?

Some people like to watch, others need an audience. There's potential for meta mischief here. Think "Spook versus Spook."

How embarrassing when they find out things they don't want to know, General. I am reminded of the poor officers who actually have to look at the body scans at the airport. For every beautiful body there's another that's equally ugly. The ennui must be brutal.

Said it before, I'll say again: thank God I don't live in that god-forsaken wasteland anymore.

Unfortunately, those of us who live outside the US have even less legal protection from the US government

In particular I'm thinking of William Binney's whistleblowing on the NSA. The thrust of his complaint is that they took the program he developed and turned it on US citizens. Now he claims that pretty much anything a person living in the US does online is captured and stored for the future. If this is the extent to which the program is being used against people in the US I think it's pretty reasonable to conclude that it's being used similarly against people elsewhere, i.e. totally indiscriminately.

Posting things on the internet or over the internet that you intend to be private requires strong encryption. Nothing less is useful. * Email is like a postcard.* Cloud storage is "storage on someone else's computer"

For email security look into Gpg and OpenPG. Anything less is "like a postcard."

For storage security look into Truecrypt.

For transmitting data over the internet securely, look into a VPN that is not based on HTTPS. HTTPS is HTTP over SSL, but it used certificates that can be spoofed. Yes, HTTPS for Amazon.com can be spoofed folks. It isn't as difficult as it should be. Most large companies already do this for all HTTPS traffic. Many governments do this too.

Using these things is not as convenient as not using them and 1 little mistake can be enough.

OTOH, posting this and any other reponse on any web page is giving away a little privacy too. Privacy on the internet is hard - extremely hard. Using "tor" is not enough - not by a long shot. 10 other things are probably necessary to truly ensure privacy on the internet. If you can't name them off the top of your head, forget it. You are part of the crowd and being tracked at will.

Posting things on the internet or over the internet that you intend to be private requires strong encryption. Nothing less is useful. * Email is like a postcard.* Cloud storage is "storage on someone else's computer"

For email security look into Gpg and OpenPG. Anything less is "like a postcard."

For storage security look into Truecrypt.

For transmitting data over the internet securely, look into a VPN that is not based on HTTPS. HTTPS is HTTP over SSL, but it used certificates that can be spoofed. Yes, HTTPS for Amazon.com can be spoofed folks. It isn't as difficult as it should be. Most large companies already do this for all HTTPS traffic. Many governments do this too.

Using these things is not as convenient as not using them and 1 little mistake can be enough.

OTOH, posting this and any other reponse on any web page is giving away a little privacy too. Privacy on the internet is hard - extremely hard. Using "tor" is not enough - not by a long shot. 10 other things are probably necessary to truly ensure privacy on the internet. If you can't name them off the top of your head, forget it. You are part of the crowd and being tracked at will.

Very well said. It is sad that security is so inconvenient. It makes it really hard to persuade others to make use of it. Personally I would encrypt every email I send but so few (read none) of my contacts know how to or are willing to learn. While I love the "free" open internet I really wish a lot more had been done to make it a more secure place. But then again, I guess a lot of people don't really want it that way.

The short of it is, if an entity such as the government, with the resources and power at its disposal, takes an interest in you, they'll get whatever they want. All the laws, all of every solution you can think of will not avail you. Unless you choose to go live in the deep wilderness...

Most of this falls under the old "outside of the envelope" rule or test. If you were to send someone private Snail Mail, the contents of the message are protected, but since anyone along the entire line from you to that person, including anyone who might happen to open your mailbox or the recipients, can read what's on the outside of your mail, annd your mailbox on the street is technically on public land (the first 6' are NOt your property), you have placed an iten im public view, thus anything the public can see is not private. WHO you communicate with, their address, how often, etc is all subpeona-able information because as soon as it leaves your hands it's no longer private. The constitution protects YOUR papers and affects, not those trusted to others for transit. It is expressly against federal law to open a message that is not addressed to you, unless it is "lost mail" more than 180 days old and unclaimed, and that's essentailyl the only reason messages in transit are protected for their contents at all.

Phone cals, emails, the header/call information, even for encrypted communication, is in plain text. A server administrator can also see all your messages without necessarily being able to access them, so who and when you communicate is transferred from old to new, it;s not private. This equally applies for your comings and goings, who you see and who comes to see you, as they have to cross public land to do so, this privacy is not inherited, only the communication between the two of you is protected.

The IP address of a computer used for communication is equally identical to an EMI number, phone number, or address. Where you are when you send somehting, it's origination and setination, are not private as they are connected to a public resource and handled by 3rd parties who have to know that information to operate, and you also have to openly share your IP information (at least your external IP and MAC address), in order to communicate across a public network at all, so there is no inherent privacy associated with that number as long as they also do not share your personally identifiable information with it without subpeona.

The entire point of a subpeona is in fact to match known information with a suspect to make that personally identifiable link, after which they can get a warrant to review additional information. Since a warrant needs to be specific in what and who is is searching and what for, not being able to make a PII link and identify specific information in advance would cripple investigation ability. How could you ask for emails from and to specific people if you can't confirm they even exist? The list of communication establishes due process and just cause for the issue of a warrant, this is one step in the process, and before technology, that information never was private, so our forefathers could not have rightly assumed it ever would be. You can be followed by police without a warrant, they can check your mailbox without a warrant, and they can ask an operator who you;r calling without a warrant. They still have to have DUE PROCESS to do this, and get a court order, they can't simply do it at will, and if they do, you have numerous layers of legal protections that would result in the termination if not imprisonment of officers and fines in the millions against cities. They're well trained to not snoop where they do not have probable cause, and an open case following due process, especially since it's easy to backtrace as they're charged for looking (aka, paper trail is intact, and that paper trail is public record).

I do NOT agree that email simply left in an inbox like google is "abandoned" years ago when we used POP mail and had tight storage limits that might be logical, if you had not downloaded it you had not read it. Today that is a storage repository we're taught to never delete from, no different from the read letters we store in a drawer in our house, and a warrant should be issued to access any email in our dedicated mailbox, we just moved the mailbox from our PC to a "post office" in the cloud. UNREAD mail more than 180 days old, where other mail has been read, THAT might qualify as abandoned under that rule, but not mail that was marked as read, flagged for follow up, or acted upon in any way.

I also do NOT agree that ANY file stored for ANY reason on a cloud service should not be considered my personal affects, UNTIL it's been explicitly shared to others. Its very easy to simply ask someone I shared it to (which could be construed as a contact list easily needing only a subpeona to know about) display those files, so long as that person does not refuse (and cooperation in an investigation CAN be compelled, you can't claim the 5th on someone else's behalf), so if you share an entire synced directory even just with your wife, or a logon account you use at work (for which any data passing through becomes company property), they could get that without warrant, possibly without subpeona if they already knew you shared it, but just because it;s on a server, at best, they should be able to get the file name and header information (as with a sealed envelope) but not the contents, and I would argue that the TOP LEVEL folder containing files is the envelope, that each "file" within is merely a page in the letter, and they need a warrant to access those folders, and have to have specific information they're looking for listed. As with all discovery with or without warrant, if they find evidence of a crime they do NOT suspect you of during their investigation, you can never be charged with that crime, so accessing your entire share looking for data might reveal other things, but you're protected from prosecutuion on anything the warrant did not call out they were looking for.

As Trout Mask Replica puts it nicely, IF the government WANTS to look into you specifically for some reason, all they have to do is fill out a few peices of paper and tell the judge why, and *poof* warrant granted. Warrants are one sheet (multiple copies), that simply spell out a what, where, and why, and assuming they are completed, and there's due process or evidence of a specific crime, they're granted. It's really not a system to STOP police from doing things, it;s just a mode of visibility and documentation. The only difference: if they have a warrant, a judge can;t later dismiss that evidence in trial unless they can prove it was tamprerd with or contaminated. If they have a subpeona, or act on probable cause, the judge CAN reject even legitimately collected evidence for a number of reasons. So, one way or the other, a judge still has say over what evidence a jury sees warrant or not, the warrant just ads a pain point (some time, a tiny cost) making the general use of that practice only slightly restrictive, and auditable, thus making cops hesitate to use one until they're sure. It simply prevents them from turning over every house on a street looking for someone and makes them have a better clue of which house first, that's really all it does.

From this, I'm getting "Encrypt everything, hope the Leahy bill passes, and use a proxy/TOR for everything".

Ugh.

Or, simpler, Don't commit crimes, and don't associate with people who if they commit a crime and bring the heat on your through association that would wouldn't think twice about giving the police all the access they want anyway.

If someone comes knocking and wants your data, what fear do you have giving it to them if they have just cause? If you are innocent, then they won;t find anything.

Also remember, warrant or subpeona, they have to be looking for evidence of a SPECIFIC crime, and warrants usually further limit what, where, and when they can search (if looking for a crime that happened 2 weeks ago, they can;t pull years of email). When searching for one crime, if they inadvertently DID find evidence of another, they CAN'T persue that crime, that's a constitutional protection you have. So, as long as you do not overtly do bad, the accidental criminal activity you may have inadvertantly done will never be on their radar, and even if they come searching for something else, they can't tag you for it. So, just cooperate and stop fearing what they're looking for. ...unless you both DID comit a crime, and also are either to dumb to cover your tracks our outright kept evidence of the crime, in which case, hahaha.

PRC - Speech must be limited. But, you can have all the cellphones you want.

They cannot "track" you without a warrant, they can only get you "current" location. Even with removable batteries, sooner or later you;re turning the device on. So long as they're actively seeking your current location, as soon as you plug it in, poof, they have your location and go find you. So either you don;t use a device connected to a public/regulated network infrastructure, or don;t own a phone, or just don't comit crimes.

Your comment simply follows the old and tired, "If you do nothing wrong you have nothing to hide" mentality. The issue is, though, is that, while we're human with humanity's quirks and foibles, and "laws" are written with Byzantine purpose and effectiveness by people that put on performances to impress a constituency while never imagining they may one day be on the receiving end of their own handiwork...

Simply: you put far too much faith in mankind's benevolence. Get burned once or twice and I guarantee you'll form a much different opinion. I know I have.

Be careful out there.

zelannii wrote:

tigerhawkvok wrote:

From this, I'm getting "Encrypt everything, hope the Leahy bill passes, and use a proxy/TOR for everything".

Ugh.

Or, simpler, Don't commit crimes, and don't associate with people who if they commit a crime and bring the heat on your through association that would wouldn't think twice about giving the police all the access they want anyway.

If someone comes knocking and wants your data, what fear do you have giving it to them if they have just cause? If you are innocent, then they won;t find anything.

Also remember, warrant or subpeona, they have to be looking for evidence of a SPECIFIC crime, and warrants usually further limit what, where, and when they can search (if looking for a crime that happened 2 weeks ago, they can;t pull years of email). When searching for one crime, if they inadvertently DID find evidence of another, they CAN'T persue that crime, that's a constitutional protection you have. So, as long as you do not overtly do bad, the accidental criminal activity you may have inadvertantly done will never be on their radar, and even if they come searching for something else, they can't tag you for it. So, just cooperate and stop fearing what they're looking for. ...unless you both DID comit a crime, and also are either to dumb to cover your tracks our outright kept evidence of the crime, in which case, hahaha.

Considering the distinction between draft and sent emails, what happens to sent emails pulled off the server via IMAP/POP into a local mail client? I would assume that anything deleted on the server side isn't really deleted, but I was curious if that really made any difference at all.